Web Services and Encription
Posted on 2002-07-18
I have a few public web methods that can be called by anyone on the internet using SOAP. The only security I've added is a username and password that is embedded in the XML that is passed in as a parameter to the web methods. I want to make my methods more secure by encripting the password, but I don't think that one way encription will do the trick if someone was to intercept my message. The web service has no knowledge of the callers, it only knows to validate the username and password combination.